urlscan.io logo urlscan.io
SecurityTrails logo

hairbarnyc.com Open in urlscan Pro
35.155.45.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hairbarnyc.com/
Effective URL: https://hairbarnyc.com/
Submission: On November 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 35 IPs in 4 countries across 26 domains to perform 134 HTTP transactions. The main IP is 35.155.45.56, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is hairbarnyc.com.
TLS certificate: Issued by R3 on October 11th 2022. Valid for: 3 months.
This is the only time hairbarnyc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 62 35.155.45.56 16509 (AMAZON-02)
1 2600:9000:21c... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2600:9000:225... 16509 (AMAZON-02)
1 13.226.153.18 16509 (AMAZON-02)
2 138.128.247.123 36007 (KAMATERA)
1 13.225.84.91 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
4 2a03:2880:f04... 32934 (FACEBOOK)
2 54.157.58.70 14618 (AMAZON-AES)
1 13.224.189.51 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f14... 32934 (FACEBOOK)
4 13.224.194.61 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 45.79.6.119 63949 (LINODE-AP...)
2 108.157.5.209 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
2 147.185.239.229 36007 (KAMATERA)
1 151.101.128.84 54113 (FASTLY)
1 13.224.189.122 16509 (AMAZON-02)
1 104.244.42.8 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
5 72.14.190.90 63949 (LINODE-AP...)
1 151.101.66.137 54113 (FASTLY)
3 34.107.204.85 396982 (GOOGLE-CL...)
1 54.218.207.27 16509 (AMAZON-02)
2 162.247.241.14 23467 (NEWRELIC-...)
1 34.117.59.81 396982 (GOOGLE-CL...)
134 35
62    35.155.45.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-45-56.us-west-2.compute.amazonaws.com
hairbarnyc.com
1    2600:9000:21c7:d200:18:f6c:8f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
checkout-sdk.sezzle.com
6    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:6c00:286::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
1    2600:9000:225e:2600:1:28b3:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.weglot.com
1    13.226.153.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-18.dus51.r.cloudfront.net
static.hotjar.com
2    138.128.247.123 (New York, United States)

ASN36007 (KAMATERA, US)
acsbapp.com
web1.acsbapp.com
1    13.225.84.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-91.fra2.r.cloudfront.net
d1yw3duy3i4qiv.cloudfront.net
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    54.157.58.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-58-70.compute-1.amazonaws.com
hirefrederick.com
1    13.224.189.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-51.fra2.r.cloudfront.net
script.hotjar.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    13.224.194.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-61.fra2.r.cloudfront.net
d34oxwxegf4jrt.cloudfront.net
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
12    45.79.6.119 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1105-119.members.linode.com
hairbarnyc.ladesk.com
2    108.157.5.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-5-209.dus51.r.cloudfront.net
cdn.segment.com
1    2600:9000:21f3:2600:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pendo.io
2    147.185.239.229 (New York, United States)

ASN36007 (KAMATERA, US)
cdn.acsbapp.com
1    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
log.pinterest.com
1    13.224.189.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-122.fra2.r.cloudfront.net
vars.hotjar.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    72.14.190.90 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li105-90.members.linode.com
1-vbus-us-tx.ladesk.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com
data.pendo.io
1    54.218.207.27 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-207-27.us-west-2.compute.amazonaws.com
api.segment.io
2    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com
ipinfo.io
Apex Domain
Subdomains		 Transfer
62 hairbarnyc.com
hairbarnyc.com
3 MB
17 ladesk.com
hairbarnyc.ladesk.com
1-vbus-us-tx.ladesk.com — Cisco Umbrella Rank: 103848
285 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
4 KB
5 cloudfront.net
d1yw3duy3i4qiv.cloudfront.net
d34oxwxegf4jrt.cloudfront.net
229 KB
4 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 2591
data.pendo.io — Cisco Umbrella Rank: 2182
135 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
199 KB
4 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 4401
cdn.acsbapp.com — Cisco Umbrella Rank: 5416
web1.acsbapp.com — Cisco Umbrella Rank: 6479
166 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1007
syndication.twitter.com — Cisco Umbrella Rank: 1255
133 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 889
script.hotjar.com — Cisco Umbrella Rank: 1168
vars.hotjar.com — Cisco Umbrella Rank: 1210
69 KB
3 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 2963
log.pinterest.com — Cisco Umbrella Rank: 4135
19 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
146 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 404
1 KB
2 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2290
28 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
20 KB
2 hirefrederick.com
hirefrederick.com — Cisco Umbrella Rank: 326002
14 KB
1 ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 4894
560 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1247
175 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 750
18 KB
1 gstatic.com
fonts.gstatic.com
17 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 3590
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 17
548 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 weglot.com
cdn.weglot.com — Cisco Umbrella Rank: 19231
27 KB
1 sezzle.com
checkout-sdk.sezzle.com — Cisco Umbrella Rank: 245546
43 KB
0 favicon.click Failed
favicon.click Failed
134 26
Domain Requested by
62 hairbarnyc.com 1 redirects hairbarnyc.com
12 hairbarnyc.ladesk.com hairbarnyc.com
hairbarnyc.ladesk.com
6 fonts.googleapis.com hairbarnyc.com
hirefrederick.com
5 1-vbus-us-tx.ladesk.com hairbarnyc.ladesk.com
1-vbus-us-tx.ladesk.com
4 d34oxwxegf4jrt.cloudfront.net hirefrederick.com
d34oxwxegf4jrt.cloudfront.net
4 connect.facebook.net hairbarnyc.com
connect.facebook.net
3 data.pendo.io hairbarnyc.com
hirefrederick.com
3 www.googletagmanager.com hairbarnyc.com
www.googletagmanager.com
2 bam.nr-data.net hirefrederick.com
2 cdn.acsbapp.com acsbapp.com
2 cdn.segment.com hirefrederick.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 hirefrederick.com hairbarnyc.com
hirefrederick.com
2 platform.twitter.com hairbarnyc.com
platform.twitter.com
2 assets.pinterest.com hairbarnyc.com
assets.pinterest.com
1 ipinfo.io hairbarnyc.com
1 api.segment.io hirefrederick.com
1 web1.acsbapp.com hairbarnyc.com
1 js-agent.newrelic.com hirefrederick.com
1 fonts.gstatic.com fonts.googleapis.com
1 syndication.twitter.com platform.twitter.com
1 vars.hotjar.com static.hotjar.com
1 log.pinterest.com hairbarnyc.com
1 cdn.pendo.io hirefrederick.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.google.de hairbarnyc.com
1 www.google.com hairbarnyc.com
1 www.facebook.com hairbarnyc.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 d1yw3duy3i4qiv.cloudfront.net hairbarnyc.com
1 acsbapp.com hairbarnyc.com
1 static.hotjar.com hairbarnyc.com
1 cdn.weglot.com hairbarnyc.com
cdn.weglot.com
1 checkout-sdk.sezzle.com hairbarnyc.com
0 favicon.click Failed
134 36
Subject Issuer Validity Valid
hairbarnyc.com
R3		 2022-10-11 -
2023-01-09		 3 months crt.sh
checkout-sdk.sezzle.com
Amazon		 2022-06-22 -
2023-07-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
*.weglot.com
Amazon		 2022-03-09 -
2023-04-07		 a year crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
*.acsbapp.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-28 -
2023-10-05		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-12 -
2022-11-10		 3 months crt.sh
hirefrederick.com
R3		 2022-09-09 -
2022-12-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.ladesk.com
R3		 2022-09-02 -
2022-12-01		 3 months crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
cdn.pendo.io
Amazon		 2022-07-30 -
2023-08-28		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
pendo.io
GTS CA 1D4		 2022-10-29 -
2023-01-27		 3 months crt.sh
*.segment.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
ipinfo.io
GTS CA 1D4		 2022-10-11 -
2023-01-09		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://hairbarnyc.com/
Frame ID: 097A5581F4F4AA14BC9A68C689F08B50
Requests: 99 HTTP requests in this frame

Frame: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Frame ID: 1DC7E6049D4F2240DE6F4538C7775FE5
Requests: 18 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fhairbarnyc.com
Frame ID: 2A52E03486A3437D9B55990971509D1F
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0feefa1930c964ac6aa4db4e99e8f25f.html
Frame ID: E18864C20BD0E98C2F563E3850638D86
Requests: 1 HTTP requests in this frame

Frame: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.33.6.18&t=1667482535&cwid=54332a99&cwrt=C&cwt=chat&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Frame ID: 46BAC4529005342A14CD07D9B6D6C80F
Requests: 4 HTTP requests in this frame

Frame: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.33.6.18&t=1667482535&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Frame ID: 3AA3B69D15624402C9C1FF1E1A4E6912
Requests: 5 HTTP requests in this frame

Frame: https://1-vbus-us-tx.ladesk.com/5_33_6_18/scripts/lib/bus.html?v=5.33.6.18
Frame ID: 88EA0E78E564EA5EAD4A6681FFD7D8BB
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Best Hair Salon in New York and Florida - HairBar NYC

Page URL History Show full URLs

  1. http://hairbarnyc.com/ HTTP 301
    https://hairbarnyc.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • cdn\.weglot\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

134
Requests

99 %
HTTPS

44 %
IPv6

26
Domains

36
Subdomains

35
IPs

4
Countries

4355 kB
Transfer

11320 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hairbarnyc.com/ HTTP 301
    https://hairbarnyc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

134 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hairbarnyc.com/
Redirect Chain
  • http://hairbarnyc.com/
  • https://hairbarnyc.com/
340 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
5529df7f4b430b90d0367198147b2dbde72cbfcbb24697d4a41caa040974015a
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
28823
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Content-Type
text/html; charset=utf-8
Date
Thu, 03 Nov 2022 14:26:34 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.29 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 03 Nov 2022 14:26:34 GMT
Keep-Alive
timeout=5, max=100
Location
https://hairbarnyc.com/
Server
Apache/2.4.29 (Ubuntu)
jquery-2.1.1.min.js
hairbarnyc.com/catalog/view/javascript/jquery/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/jquery-2.1.1.min.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
29505
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 20 Dec 2021 14:02:18 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"14919-5d39456389269-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
bootstrap.min.js
hairbarnyc.com/catalog/view/javascript/bootstrap/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/bootstrap/js/bootstrap.min.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
9753
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Feb 2020 15:43:51 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"8fd6-59dc1e80d7bc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
jquery.session.js
hairbarnyc.com/catalog/view/javascript/jquery/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/jquery.session.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
9f534e7621a867ef10f56a094a9a68c0484508f66992f4bbd8dd5bf02d6a3225
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
922
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 02 Mar 2020 13:23:48 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"e76-59fdf18e90100-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
swiper.jquery.js
hairbarnyc.com/catalog/view/javascript/jquery/swiper/js/ 		208 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/swiper/js/swiper.jquery.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bbb88a0ad5debf8c3f2e9a143c130ef998ee756a5ff51950953b103e1d264f86
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
35462
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Feb 2020 15:45:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3414f-59dc1ecd22fc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
swiper.min.js
hairbarnyc.com/catalog/view/javascript/jquery/swiper/js/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/swiper/js/swiper.min.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
22e71b3903e3ea2b53d152b34a85790f0e6bc2b8dd6795c805909c1b69ae2583
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
23620
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 06 Sep 2022 07:10:18 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"178b6-5e7fce384960e-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
jquery.event.move.js
hairbarnyc.com/catalog/view/javascript/jquery/twenty_twenty/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/twenty_twenty/jquery.event.move.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
34115179b64f10cbd600e5035c6b5f892424590fcbae2806572b4fdb931f84b7
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
4665
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 06 Sep 2022 22:41:46 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3a75-5e809e6b31564-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
jquery.twentytwenty.js
hairbarnyc.com/catalog/view/javascript/jquery/twenty_twenty/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/twenty_twenty/jquery.twentytwenty.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
4c19359ee09e71c2da70f46963267cebd584d9104fd6f52e644b94131faab079
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
3056
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 21 Nov 2021 14:11:25 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"23ed-5d14d1570ac19-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
checkout.js
checkout-sdk.sezzle.com/ 		144 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout-sdk.sezzle.com/checkout.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:d200:18:f6c:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bd23cf2375e878249436f9dc1336b6a141a50f0d8609931151449cfccad46bc8
Security Headers
Name Value
Content-Security-Policy default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
tRwKDMocFjhD3K3wbHK9QXxtaXCcty4a
strict-transport-security
max-age=15724800; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
content-encoding
gzip
date
Thu, 03 Nov 2022 13:51:41 GMT
x-amz-cf-pop
AMS54-C1
age
2695
via
1.1 26cdacf328fe4eb4e28173938ab3e92c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 01 Nov 2022 13:29:12 GMT
server
etag
W/"cc246da7d754ce6f46763a0312304b99"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, max-age=0
x-amz-cf-id
lA1u_XZhb7j2HqCf-5QWNrZcMNA46Fv53GoZFuejsciuFChhO1O2Ew==
swiper.min.css
hairbarnyc.com/catalog/view/javascript/jquery/swiper/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/swiper/css/swiper.min.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
46525cb298d262696150996f8731fe08bd6727c7e33f2dc8222ae40f1543dfe6
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
2871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Feb 2020 15:45:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"456d-59dc1ecc2ed80-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
e27ac72c3d7e39b0384dda5441015873.css
hairbarnyc.com/catalog/view/javascript/pavothemer/ 		2 MB
210 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3ee12b59d96390203e8dd31103aac0bb408e569e2dff5d3a60dc156541de2cba
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 09 Aug 2022 13:50:09 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"26a8b0-5e5cf35f13f16-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
theme-custom-stylesheet.css
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/ 		125 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/theme-custom-stylesheet.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
ddeab20d440fba6770815144dad4ee6a3832e42b4535b2c800d87fc269b21455
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
25975
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 22 Apr 2021 11:55:07 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1f47f-5c08e59bcfcc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
animate.min.css
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/animate.min.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
2626
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Feb 2020 15:43:36 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"4242-59dc1e7289a00-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
css
fonts.googleapis.com/ 		4 KB
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,400i&display=swap
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
130054ee6b7b0e6def9d2cce971e2b8799ef3a80adc4623c9f72972ee9a2fe63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 14:26:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 14:26:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 14:26:35 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5d800754ca9a9ece3b760b994c8335b336f1539771f2a4f3877ea250117bf26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 14:26:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 13:06:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 14:26:35 GMT
jQuery.countdown1.js
hairbarnyc.com/catalog/view/javascript/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/jquery/jQuery.countdown1.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
01a4c62841de76e1e79aa4808c467b7cb2c1d79160e6cb1ca3a6406448b7ca91
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
3038
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Feb 2020 15:40:43 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"27a5-59dc1dcd8d4c0-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-165298320-1
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a507a51988dc4a5abb6e2401a4e65dbe115f16b2febcc56930f6cf6c1148123
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43617
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Nov 2022 14:26:37 GMT
pinit.js
assets.pinterest.com/js/ 		361 B
448 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=288
accept-ranges
bytes
content-length
203
js
www.googletagmanager.com/gtag/ 		134 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-946241747
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8da024d3923a0f7aa5aef8691912aa4676336e027a1383e9afdf436b40240e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52836
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Nov 2022 14:26:37 GMT
5f58403901293bce06b22525e93bfdf3.js
hairbarnyc.com/catalog/view/javascript/pavothemer/ 		730 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/pavothemer/5f58403901293bce06b22525e93bfdf3.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
987c59280847b3530eef6c1bc94beeea487adf7480a780576eddf822dd8c4fe9
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 13 Dec 2021 17:20:54 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"b66f6-5d30a4b900777-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
twentytwenty.css
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/twenty_twenty/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/twenty_twenty/twentytwenty.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3a6683c20e1244386cfbad35727983e3ef30766220b455ab3e94da24740bef09
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
986
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 Jan 2021 07:16:16 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1596-5b84a3727d000-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
twentytwenty-no-compass.css
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/twenty_twenty/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/twenty_twenty/twentytwenty-no-compass.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3f71bd27a0417d982a74bd4159a9da32a47d2e92dbfbebb205cc6dec27dd12e6
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
906
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 07 Jan 2021 07:16:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"111a-5b84a36cc4280-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
weglot.min.js
cdn.weglot.com/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.weglot.com/weglot.min.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4e1eb362bebdf64d89c0ec02adc36a9fab4618cfa655962bdfafcf257034466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date
Thu, 03 Nov 2022 14:22:43 GMT
last-modified
Wed, 26 Oct 2022 13:19:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
232
etag
W/"037ae14616e072cae844b28d69b5d66b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-amz-cf-id
qg84cIUUa9zfEwoM802Eyama2DolhmBzwney3y2l8yeKz7kpeTzh_Q==
hotjar-2139383.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2139383.js?sv=6
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-18.dus51.r.cloudfront.net
Software
/
Resource Hash
68c888f05937e5f3aede47ce49ad5801c82797d3ad9b20dbe162c2504c3cef5c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:37 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4678033b564719cfa85dd7af417223aa.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/a4fa09784c28bade2ac3aeb0334583a7
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
8GEASQkkrAFaFjAHCICiSZOkSTqTgGF9WXoLRBF6bD1bG9j36TEGsw==
app.js
acsbapp.com/apps/app/dist/js/ 		427 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
e7bd8851b07a73755dbbd07fe9def642394581ebab2171e38173dacbfc062aa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:37 GMT
content-encoding
br
last-modified
Tue, 01 Nov 2022 18:06:07 GMT
etag
"6aab4-6361600f-af3ebb833015feec;br"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
142347
expires
Fri, 04 Nov 2022 14:26:37 GMT
haibarnyc.png
hairbarnyc.com/image/catalog/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/catalog/haibarnyc.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
aba1b5b9023efc5fb5c9d5e5db51a68478893dc2b7da6bf88eb9ff873fefb3c2
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:43:46 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"feb-5c95637e9e880"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4075
X-XSS-Protection
1; mode=block
GC_Color-Collection-200x200.png
hairbarnyc.com/image/cache/catalog/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/GC_Color-Collection-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7528d63cb5065f0c35f595556c6ebbf65e1a6c3dfb2c050dff74b05181211237
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:24 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"7fae-5c9566fd2a700"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
32686
X-XSS-Protection
1; mode=block
sdk-v1.js
d1yw3duy3i4qiv.cloudfront.net/js/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1yw3duy3i4qiv.cloudfront.net/js/sdk-v1.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
716bfd95f947c1cb2dc2c76bd0ac3e9002e4c4632b5ad973ff8656a06eaa30dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:10:46 GMT
Content-Encoding
gzip
Via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
Last-Modified
Wed, 05 Oct 2016 20:27:02 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
1008
ETag
W/"75320659614264cdbb67768735bcee27"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600, no-transform, public
Connection
keep-alive
X-Amz-Cf-Id
ipiokwrDa3AfaSpgHQdQH41tNbErhJbkVuBKJtlCDe3GANuhdIRmbw==
css
fonts.googleapis.com/ 		10 KB
828 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 14:26:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 12:54:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 14:26:36 GMT
css
fonts.googleapis.com/ 		2 KB
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:400,700
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
093c8a07828c49147695500f8556d841e3cc58fe03757de3980b24e26476dce3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 14:26:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 14:26:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 14:26:36 GMT
css
fonts.googleapis.com/ 		684 B
459 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=ABeeZee
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bf2859943db8c23d49f38e44084400723325b81efd52c0ef8d2f8a9faf05644
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 14:26:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 14:10:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 14:26:36 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Content-Encoding
gzip
Age
642
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29221
Last-Modified
Wed, 02 Nov 2022 19:43:37 GMT
Server
ECS (frb/67C2)
Etag
"6633f9603c759c40d9b200995454f17c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d2b3d10cce7f92a7ce4fe9f6f58f83e3b604868b49f12ded9f50551c0707bc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 03 Nov 2022 14:26:37 GMT
content-md5
+wkbg1uIsMOq+qPGSBNTAQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
qSiicP4+ajAKtvlmalzcrLEHl0EFyyuyNpJpvhpDZopJO/Xg4E9Oy1z/vmkMcapN2mOhMPghAY8YYmr4/YZqmg==
x-fb-trip-id
1709462857
x-fb-content-md5
05126351c1efb22bd3dd153fc8c1d1f4
cross-origin-opener-policy
same-origin-allow-popups
etag
"ee4e48bc2805570f68f81fcca73f2406"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 03 Nov 2022 14:45:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 03 Nov 2022 14:26:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27337
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
KhvrDecB0I4OX96lguQmfWcinCxv6fDfMoMs0gN7BSQtAWldIpOPCzGY/FVXx+wG3+l4a3GCgX6JUYxZ/ngPdQ==
x-fb-trip-id
1709462857
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cookieconsent.min.js
hairbarnyc.com/catalog/view/javascript/facebook_business/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/facebook_business/cookieconsent.min.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
daee2286a0787382ab04909bc40a686c252d806554a9a5cb565cd09d1674cb67
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
6981
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 05 Feb 2022 08:46:05 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"521f-5d74165de7de6-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
cookieconsent.min.css
hairbarnyc.com/catalog/view/theme/css/facebook_business/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/css/facebook_business/cookieconsent.min.css
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
80ba68989d275f8cda9f6e5aa720ac2fd242a32803608011a9ce505e463fd915
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
1340
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 05 Feb 2022 08:46:05 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"10b7-5d74165de7de6-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
facebook_pixel_3_1_2.js
hairbarnyc.com/catalog/view/javascript/facebook_business/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/facebook_business/facebook_pixel_3_1_2.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7e1707adc4e5f5c053055b95d49f4a12f05271a9fb3645049c4296cf6f96a248
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Connection
Keep-Alive
Content-Length
1388
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 05 Feb 2022 08:46:05 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"f3f-5d74165de7de6-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
df0392f6336a9a6a7934a3e7a2f4a5176.json
cdn.weglot.com/projects-settings/ 		0
0
FuturaPT-Book.woff2
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/fonts/FuturaPT-Book/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/fonts/FuturaPT-Book/FuturaPT-Book.woff2
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/theme-custom-stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8424eb8408ed269ed1acede0db0a6299379e684f1f1d6032dee5042c9a7f54a4
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/theme-custom-stylesheet.css
Origin
https://hairbarnyc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Tue, 04 Feb 2020 15:45:52 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"710c-59dc1ef43cc00"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
28940
X-XSS-Protection
1; mode=block
fontawesome-webfont.woff2
hairbarnyc.com/catalog/view/javascript/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hairbarnyc.com/catalog/view/javascript/pavothemer/e27ac72c3d7e39b0384dda5441015873.css
Origin
https://hairbarnyc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Tue, 04 Feb 2020 15:44:01 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"12d68-59dc1e8a61240"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
77160
X-XSS-Protection
1; mode=block
BaskervilleMTStd-Regular.woff2
hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/fonts/Baskerville/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/fonts/Baskerville/BaskervilleMTStd-Regular.woff2
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/theme-custom-stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d506e94d6ec365ea49e9da425ca4d7b09966f98d47dadfe2c4ae5b2c119403f6
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hairbarnyc.com/catalog/view/theme/pav_celo/stylesheet/theme-custom-stylesheet.css
Origin
https://hairbarnyc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Tue, 04 Feb 2020 15:45:56 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"64b4-59dc1ef80d500"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
25780
X-XSS-Protection
1; mode=block
en-gb.png
hairbarnyc.com/catalog/language/en-gb/ 		370 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/catalog/language/en-gb/en-gb.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3df9da830a80a6415ea0e3a3dc58573e2e87308ed029a9f32b96fa89afdcbd41
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Tue, 04 Feb 2020 15:39:18 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"172-59dc1d7c7d580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
370
X-XSS-Protection
1; mode=block
es-es.png
hairbarnyc.com/catalog/language/es-es/ 		469 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/catalog/language/es-es/es-es.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Tue, 04 Feb 2020 15:39:19 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1d5-59dc1d7d717c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
469
X-XSS-Protection
1; mode=block
review
hirefrederick.com/widget/ Frame 1DC7 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/jquery/jquery-2.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.157.58.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-58-70.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
77c844ea7001bc0ece47469556d63d4825b645d1c9b5fccf8bb1102806ed5b5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 03 Nov 2022 14:26:36 GMT
Etag
W/"ae326deb99cb2328f578b543e3799f56"
Server
Cowboy
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Request-Id
4372250b-9b23-4f3b-927a-7e098f693bef
X-Runtime
0.008679
X-Xss-Protection
1; mode=block
modules.fb31143041749935774c.js
script.hotjar.com/ 		254 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.fb31143041749935774c.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2139383.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-51.fra2.r.cloudfront.net
Software
/
Resource Hash
2c31f8bb314c9d47e89662daac66d55d23a2db294da120978e1d33438b992b73
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 08:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
20011
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
66231
last-modified
Thu, 03 Nov 2022 08:52:17 GMT
etag
"824d1340a30234e6909a3b6170eb8f07"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
5PBvvKrqzQchS5kBc5YCdpN8-nLsbG-Tn5jyZdPEoEQQYMbQhr83jw==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-165298320-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 03 Nov 2022 13:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3708
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 03 Nov 2022 15:24:49 GMT
js
www.googletagmanager.com/gtag/ 		134 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-946241747&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-165298320-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
961d799a71d19d461192d192014de83c3af5dc68414c78c4859544d856465559
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52878
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Nov 2022 14:26:37 GMT
sdk.js
connect.facebook.net/en_US/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ef0783516ce37a0d2be739b2ac742f83
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e69aef9334ea0725c792af277da69ffdce8f8549ec6132da4a31387522da9976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hairbarnyc.com/
Origin
https://hairbarnyc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 03 Nov 2022 14:26:37 GMT
content-md5
9Hj6S1whDYsNp5QqsRW5vg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86894
x-fb-rlafr
0
x-fb-debug
d1oncZ/5rkyYgavoQYQTZfHawU0wyVvEptcamQzuS/VlAsIxgM/4g1jVV+BpEgTVQtx7Zx6IrQXjDf2qtBRBLg==
x-fb-content-md5
a05aaaf141a5acc82e8506453bf40893
cross-origin-opener-policy
same-origin-allow-popups
etag
"94cf1a07b3b9630100fd73133cc8fd4a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Nov 2023 12:25:56 GMT
511434462665721
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/511434462665721?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e4516bbc766483dd4d215e9e1349440b53cfc13c221e5133634525b6739157a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 03 Nov 2022 14:26:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
6GKX7+ChfveyByQslMllt6Xg/Gh+DmGdQqM4fNsh8k6QrgbUJ0Wy1+Kj7povbIMr/pgcB52vEfpPgsdRDD2AjQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pinit_main.js
assets.pinterest.com/js/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.7565547471911378
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=202
accept-ranges
bytes
content-length
18679
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/946241747/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946241747/?random=1667485597314&cv=11&fst=1667485597314&bg=ffffff&guid=ON&async=1&gtm=2oaav0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhairbarnyc.com%2F&tiba=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&auid=1871172530.1667485597&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-946241747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da8f72afa06bc5bca9d9becb114a886ab11ebd8205e03ffef9f23e4fdb070a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 14:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
983
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=511434462665721&ev=PageView&dl=https%3A%2F%2Fhairbarnyc.com%2F&rl=&if=false&ts=1667485597659&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667485597656.161893185&it=1667485597265&coo=false&exp=d0&rqm=GET
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 03 Nov 2022 14:26:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=220797095&t=pageview&_s=1&dl=https%3A%2F%2Fhairbarnyc.com%2F&ul=en-us&de=UTF-8&dt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=86271036&gjid=1414542710&cid=727008054.1667485598&tid=UA-165298320-1&_gid=1966151350.1667485598&_r=1&gtm=2ouav0&z=2059068746
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hairbarnyc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 14:26:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hairbarnyc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 1DC7 		3 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Nov 2022 14:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 12:51:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Nov 2022 14:26:37 GMT
widgets-2cb303c877c6aa772778dc9f2c7421bf.css
d34oxwxegf4jrt.cloudfront.net/assets/ Frame 1DC7 		161 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d34oxwxegf4jrt.cloudfront.net/assets/widgets-2cb303c877c6aa772778dc9f2c7421bf.css
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-61.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
cefeea6edc2bd77939df6d1d32689376d1ca0131c37a4e412a5bd4ec7c477d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 30 Sep 2022 00:46:39 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Aug 2020 19:05:34 GMT
Server
Cowboy
X-Amz-Cf-Pop
FRA2-C1
Age
2986798
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
28956
X-Amz-Cf-Id
6fBSoIoRK3ZYbKCxU6p1Apooklfb-heeP_kZ8wd5C1T9SJbLFVdlRg==
widgets_require-766fc4be5928c7d408d8bed72b159199.js
d34oxwxegf4jrt.cloudfront.net/assets/ Frame 1DC7 		367 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34oxwxegf4jrt.cloudfront.net/assets/widgets_require-766fc4be5928c7d408d8bed72b159199.js
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-61.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
160ce669c12174a31224a38d6a4a094978334adaa5a107402a49188b36718fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 18:53:48 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
Last-Modified
Mon, 04 Apr 2022 10:20:19 GMT
Server
Cowboy
X-Amz-Cf-Pop
FRA2-C1
Age
5859169
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
110933
X-Amz-Cf-Id
B6K6w3Y4BYTVedSdAQOU9cQ6Zua7IBzZn401HqnSYQcjPCQezuk30g==
/
www.google.com/pagead/1p-user-list/946241747/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/946241747/?random=1667485597314&cv=11&fst=1667484000000&bg=ffffff&guid=ON&async=1&gtm=2oaav0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhairbarnyc.com%2F&tiba=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1497183356&rmt_tld=0&ipr=y
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 14:26:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/946241747/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/946241747/?random=1667485597314&cv=11&fst=1667484000000&bg=ffffff&guid=ON&async=1&gtm=2oaav0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhairbarnyc.com%2F&tiba=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1497183356&rmt_tld=1&ipr=y
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Nov 2022 14:26:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-165298320-1&cid=727008054.1667485598&jid=86271036&gjid=1414542710&_gid=1966151350.1667485598&_u=YEBAAUAAAAAAACAAI~&z=68198315
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hairbarnyc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 03 Nov 2022 14:26:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hairbarnyc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
track.js
hairbarnyc.ladesk.com/scripts/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/track.js
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
d4bcac43603c7560bc9a6b8f76eba9b19b18528a893c6ebc9c6dbc28709e69b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
4
age
210
content-length
13022
last-modified
Tue, 18 Oct 2022 18:46:42 GMT
server
nginx
etag
W/"c49f-5eb538358c880"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
544575847 542639780
cache-control
max-age=300, public
accept-ranges
bytes
expires
Thu, 03 Nov 2022 20:23:08 GMT
widget_iframe.644279d1635fd969e87af94a98bd232b.html
platform.twitter.com/widgets/ Frame 2A52 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fhairbarnyc.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
57947
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Thu, 03 Nov 2022 14:26:38 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 02 Nov 2022 19:36:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C2)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Full%20Color%20Kit-200x200.png
hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/Full%20Color%20Kit-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8d248d7b20f483d12aab6a2d7b0c4368905a335b0197264399364116a78575e2
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"a09b-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
41115
X-XSS-Protection
1; mode=block
Full%20Keratin%20Kit-200x200.png
hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/Full%20Keratin%20Kit-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
47cf74023ea67e48cf5ae3105410a345d7a1731a36a4731ffb4c2fe24b5614e9
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"98c9-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
39113
X-XSS-Protection
1; mode=block
Full%20Botox%20Kit-200x200.png
hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20Kits%20(Updated)/Full%20Botox%20Kit-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
30183eaedf8efef2154a65ceafe52c7e306d14af662525353946dd4e21a30c2e
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"82be-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
33470
X-XSS-Protection
1; mode=block
Silk%20Touch%20Plus%20Keratin-200x200.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Silk%20Touch%20Plus%20Keratin-200x200.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8d8ae806000576e3adc0019caa9aa321fe0eb8b6a02fdd7c093222789ae38429
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2103-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
8451
X-XSS-Protection
1; mode=block
Diamond%20Botox-200x200.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Diamond%20Botox-200x200.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bfae9defd1fcb1f58b1d13a3cd51799652e4cad815abb3de79b232dc3ea97acc
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"33bc-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
13244
X-XSS-Protection
1; mode=block
Single%20Process%20Color-200x200.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Single%20Process%20Color-200x200.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
fa532b6e5e769269fd76cfc299fb5586889579654cdff65906627dcaf11adfa3
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3d15-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
15637
X-XSS-Protection
1; mode=block
Single%20Premium%20Blowout-200x200.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Single%20Premium%20Blowout-200x200.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d99b7a32f6e554dc724bed1972ca255aec53bcf1aca5d37c0b7f0f16db050e39
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"342a-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
13354
X-XSS-Protection
1; mode=block
Tape%20Ins%20Extensions-200x200.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Tape%20Ins%20Extensions-200x200.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e83cf1da68603354b64842c3e6be4987d05c3d297f8c87aa11af437542101749
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"277a-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
10106
X-XSS-Protection
1; mode=block
Special%20Bundles-200x200.png
hairbarnyc.com/image/cache/catalog/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Special%20Bundles-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
176f5496d9c88e6efdc9505cc5dfe760d4a1ed84f9cc5db28fc79bdb5eb2f8d0
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"982f-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
38959
X-XSS-Protection
1; mode=block
Ultimate_Repair_System-Collection-2-200x200.png
hairbarnyc.com/image/cache/catalog/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Ultimate_Repair_System-Collection-2-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bce7ef9c5c06b89d48dca6a0cc52316497a679b2786d58dff3a2967f1729dec1
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"5776-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
22390
X-XSS-Protection
1; mode=block
silk_touch_Products-1-600x430-1-200x200.png
hairbarnyc.com/image/cache/catalog/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/silk_touch_Products-1-600x430-1-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3a7e2ded944ad36714476dda89b3ef4e971aa0f4bdd28760bc1af24235868e4f
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6bfa-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
27642
X-XSS-Protection
1; mode=block
Armorplex_Category-200x200.png
hairbarnyc.com/image/cache/catalog/2021/Products/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Products/Armorplex_Category-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b19bfb0602cf2db5514725e30830903f8df465bad4985a47a21ee13fc0f5b30b
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"847b-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
33915
X-XSS-Protection
1; mode=block
Styling%20and%20Finishing-200x200.png
hairbarnyc.com/image/cache/catalog/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Styling%20and%20Finishing-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
fdabb92563f45ba0198dead28feede636b56dfe240bf7f6724304513f1e75c14
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3b4f-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
15183
X-XSS-Protection
1; mode=block
Silk-Touch-Plus-Keratin-16.9oz-2-400x400-200x200.png
hairbarnyc.com/image/cache/catalog/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Silk-Touch-Plus-Keratin-16.9oz-2-400x400-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
ac20cff7788fcc8e7b4481bb74af94cc8124f5fa8995241958b146999dba6e0a
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2d69-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
11625
X-XSS-Protection
1; mode=block
Silk_Touch_Keratin_16-oz-400x400-200x200.png
hairbarnyc.com/image/cache/catalog/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Silk_Touch_Keratin_16-oz-400x400-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f635c8da789a719cca46fe518b01afda4c2ab8e4000fe8f933961bab4cdeba91
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2662-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
9826
X-XSS-Protection
1; mode=block
24_Karat_Keratin_32-oz-400x400-200x200.png
hairbarnyc.com/image/cache/catalog/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/24_Karat_Keratin_32-oz-400x400-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0a9e95feff42c3fd452d8c8f91413992db137b173c40d6118d287bc2efdc1d32
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3cb5-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
15541
X-XSS-Protection
1; mode=block
Gel_Keratin-32-oz-400x400-200x200.png
hairbarnyc.com/image/cache/catalog/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Gel_Keratin-32-oz-400x400-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
47ca3bff96c2752055b80f7a64c4af7a2249d90ee5402dd117f59b170e0d385d
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3fd6-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
16342
X-XSS-Protection
1; mode=block
Blowout_Express_Keratin-16-oz-400x400-200x200.png
hairbarnyc.com/image/cache/catalog/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Blowout_Express_Keratin-16-oz-400x400-200x200.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3f419012003369c70b253a0d6302e8075692c37e4b4b1cf9bae3595b5cada40a
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:59:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"244c-5c9566fc364c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
9292
X-XSS-Protection
1; mode=block
Halloween%20Sale%202022%20-%20Web.jpg
hairbarnyc.com/image/catalog/2022/Banners/ 		847 KB
848 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/catalog/2022/Banners/Halloween%20Sale%202022%20-%20Web.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
32e523129b43af27695373bc834829cdd3627e0c28e36d5d421562dafab51ec8
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Fri, 28 Oct 2022 17:44:21 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"d3beb-5ec1bced232e2"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
867307
X-XSS-Protection
1; mode=block
24%20Karat%20Keratin-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/24%20Karat%20Keratin-300x300.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
384a6e769e58cae6581adfe67be8a75cacc8e51072508a6d69de4e6835d68391
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"423b-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
16955
X-XSS-Protection
1; mode=block
Silk%20Touch%20Plus%20Keratin-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Silk%20Touch%20Plus%20Keratin-300x300.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
4a8c7b5701cec2f9e08c3fe9b65ea98a98eed6ed1ec16187e75ce173c932361d
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"450b-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
17675
X-XSS-Protection
1; mode=block
Silk%20Touch%20Keratin-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Silk%20Touch%20Keratin-300x300.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2aeed5bed03ad488a73cb5981ef93f29ca50f2842d808dd278f6cc4a0884167e
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"374d-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
14157
X-XSS-Protection
1; mode=block
Gel%20Keratin-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Gel%20Keratin-300x300.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3b490c29c79aedad43f8048c0824084902c1272b640ce21783a15120404ee92d
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6500-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
25856
X-XSS-Protection
1; mode=block
Vegan%20Keratin%20Home%20Kit-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Home%20Kits%20Profiles/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Home%20Kits%20Profiles/Vegan%20Keratin%20Home%20Kit-300x300.jpg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
131d6fd2fb63edf5bbd5f48e392216f63faf8bb4f3b72b68b3efb62a3f01e0c0
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"626f-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
25199
X-XSS-Protection
1; mode=block
Premium%20Vegan%20Keratin%20Home%20Kit-min-300x300.png
hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/Premium%20Vegan%20Keratin%20Home%20Kit-min-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7ea3a4ded8a7123d33da95063c9cb5e1742daab1bcf5cf53ceb807b42f5da598
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"14840-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
84032
X-XSS-Protection
1; mode=block
Diamond%20Botox%20Home%20Kit-300x300.png
hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/Diamond%20Botox%20Home%20Kit-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2b61328f5f20fc6d829bc90237d707378f6375afd9330bc552c44a7671e7094e
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"f067-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
61543
X-XSS-Protection
1; mode=block
Professional%20Hair%20Color%20Home%20Kit%20(2%20Tubes)-min-300x300.png
hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/Home%20kit%20compressed/Professional%20Hair%20Color%20Home%20Kit%20(2%20Tubes)-min-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b4f9eead135b83c8822c5851895141f0e549ad935fba7105c973e59e6b4cc6dc
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"12676-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
75382
X-XSS-Protection
1; mode=block
Ultimate%20Repair%20System%20Bundle%201-min-300x300.png
hairbarnyc.com/image/cache/catalog/keratin%20compressed/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/keratin%20compressed/Ultimate%20Repair%20System%20Bundle%201-min-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
211c52be0f8d03fda1e69119423164f14dabe610c081604bf9c2466582dd68d0
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9d86-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
40326
X-XSS-Protection
1; mode=block
Silk%20Touch%20System%20Bundle%201-300x300.png
hairbarnyc.com/image/cache/catalog/2022/New%20Bundles/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2022/New%20Bundles/Silk%20Touch%20System%20Bundle%201-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
5e44dcae9822a7fe9a613eee73874bf064329a391e73336c02a1ab1da2e32a6d
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Mon, 20 Jun 2022 19:18:07 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9544-5e1e5f6cba67e"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
38212
X-XSS-Protection
1; mode=block
Ultimate%20Repair%20System%20Bundle%202-300x300.png
hairbarnyc.com/image/cache/catalog/keratin%20compressed/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/keratin%20compressed/Ultimate%20Repair%20System%20Bundle%202-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c909cf8834415ff0cb4ec417f124c2828ad5deed8a89078bf39098c4b0c020ba
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"c321-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
49953
X-XSS-Protection
1; mode=block
Silk%20Touch%20System%20Bundle%202-300x300.png
hairbarnyc.com/image/cache/catalog/2022/New%20Bundles/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2022/New%20Bundles/Silk%20Touch%20System%20Bundle%202-300x300.png
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0f6bde3e83a3412a3eb6da89038d585712c8c0ff5b4e27791cd661ae3dce5f1d
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Mon, 20 Jun 2022 19:18:49 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"b70a-5e1e5f9459cab"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
46858
X-XSS-Protection
1; mode=block
analytics.min.js
cdn.segment.com/analytics.js/v1/k2VrpID8FshBjeEVNf1mYaLiPxU3aQwf/ Frame 1DC7 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/k2VrpID8FshBjeEVNf1mYaLiPxU3aQwf/analytics.min.js
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-5-209.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abb76ff79e939c77dd6c97cb20dda414880f66048e1801ba4a556ba28f02352b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
Ac_SGAeVlm7pVB4azSDXPoIk7EL2YrOw
content-encoding
br
via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
date
Thu, 03 Nov 2022 14:26:40 GMT
x-amz-cf-pop
DUS51-P2
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 19 Oct 2022 22:56:55 GMT
server
AmazonS3
etag
W/"efe7af3b9260c1639878d049d9a50617"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
9unsoIeiWbevcMKopAhDytOFTdMbWzCB9zmVbAtTM-8TZVrViYEU9w==
pendo.js
cdn.pendo.io/agent/static/183ec609-d20c-40fd-6d6f-af75d69e15ca/ Frame 1DC7 		402 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/183ec609-d20c-40fd-6d6f-af75d69e15ca/pendo.js
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2600:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
de00619b0eed3d0b0e9844c9e079fb79cb906956a4ac9f1af37c3498f2a7e384

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:20:43 GMT
content-encoding
gzip
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
357
x-guploader-uploadid
ADPycdtfMGSCjkS3WezS6270NWIzX7LCiB-lq5-8STPcuLCVLwR7SyP6KPEi54To28IrF4aZLNdoJ4XStdBxgWZoDJv0Sg
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
135622
last-modified
Mon, 31 Oct 2022 18:16:24 GMT
server
UploadServer
etag
"7261ea7bcbffa1a9bc47ed47a6dc8d13"
vary
Accept-Encoding
x-goog-generation
1667240184535909
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=sUWq+w==, md5=cmHqe8v/oam8R+1HptyNEw==
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
135622
accept-ranges
bytes
x-amz-cf-id
YpNIxzYhx-WbkzMG7imMe7apGopkv7LcrsVfYrdyarjcEWSgAsR2iA==
expires
Thu, 03 Nov 2022 14:28:11 GMT
config.json
cdn.acsbapp.com/cache/app/hairbarnyc.com/ 		159 B
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/cache/app/hairbarnyc.com/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.185.239.229 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
9c2fed68ae0803083af72a51b15ba5127b055d24f9336ac18d18811a57dc74e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
last-modified
Thu, 03 Nov 2022 14:25:17 GMT
etag
"9f-6363cf4d-666e0d17d42e13c4;;;"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
159
expires
Fri, 04 Nov 2022 14:26:39 GMT
/
log.pinterest.com/ 		0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=0vm2Dy1Bqm1H&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fhairbarnyc.com%2F
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 03 Nov 2022 14:26:39 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
3
x-pinterest-rid
1511493503650740
content-length
0
x-served-by
cache-hhn4028-HHN
pragma
no-cache
server
envoy
x-timer
S1667485599.946596,VS0,VE97
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
box-0feefa1930c964ac6aa4db4e99e8f25f.html
vars.hotjar.com/ Frame E188 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-0feefa1930c964ac6aa4db4e99e8f25f.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2139383.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-122.fra2.r.cloudfront.net
Software
/
Resource Hash
d45014fa88918c35f5c3401458f0a26c0f45fe6132fc31a227b186ebe55d5d84
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
80732
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 02 Nov 2022 16:01:06 GMT
etag
"7860f2201e5523a8914b582db81455db"
last-modified
Wed, 02 Nov 2022 16:00:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-id
dy4ZmuY7WvD6DXAk5IckN4gn91Yajsb2eLvZv-OIBI06pH7nTeRuvQ==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-robots-tag
none
settings
syndication.twitter.com/ Frame 2A52 		914 B
696 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=cd58406cc364d6e09f1e9ef9a8f57c056618b709
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fhairbarnyc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
66c1aff8564f0c727747c0a2f1ac6f5a215100fb599807bacecf6b23b1a6a975
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-response-time
115
date
Thu, 03 Nov 2022 14:26:38 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 03 Nov 2022 14:26:39 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
08e2c5eb7aaebab4
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
528481b0c2f8abd9fba54bd0335130fafbd183cddf4e40451124f7fa97fcabff
content-length
375
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 1DC7 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hirefrederick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 18:51:26 GMT
x-content-type-options
nosniff
age
243313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 18:51:26 GMT
published
hirefrederick.com/api/v1/locations/e18af810-45c8-47ad-9737-82c074ad49b9/reviews/ Frame 1DC7 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hirefrederick.com/api/v1/locations/e18af810-45c8-47ad-9737-82c074ad49b9/reviews/published?per=5&page=1&titleHexColor=46ACC5&starHexColor=46ACC5
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.157.58.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-58-70.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
56f8acb7ab35edf60d098dd2c581f2ad43eee6ff47185b36219910dd3e6371ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
XAIDV1FACQQDVlRWAwMOVg==
tracestate
84467@nr=0-1-84467-1834863796-5a275c5cfbbefd79----1667485598953
traceparent
00-187b84e55ab094dbca9ad8348276c604-5a275c5cfbbefd79-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijg0NDY3IiwiYXAiOiIxODM0ODYzNzk2IiwiaWQiOiI1YTI3NWM1Y2ZiYmVmZDc5IiwidHIiOiIxODdiODRlNTVhYjA5NGRiY2E5YWQ4MzQ4Mjc2YzYwNCIsInRpIjoxNjY3NDg1NTk4OTUzfX0=
Accept
*/*
Referer
https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
X-Requested-With
XMLHttpRequest

Response headers

X-Runtime
0.009141
Date
Thu, 03 Nov 2022 14:26:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 vegur
Server
Cowboy
Etag
W/"1360405fe7468c59adb1d72c77196a9e"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Transfer-Encoding
chunked
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
d2663cc2-209f-4737-8fde-ded0c7143709
powered_by_mindbody-4aa8e59cc57d23a510194f27d8c08338.png
d34oxwxegf4jrt.cloudfront.net/assets/ Frame 1DC7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d34oxwxegf4jrt.cloudfront.net/assets/powered_by_mindbody-4aa8e59cc57d23a510194f27d8c08338.png
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-61.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
cc95bab64363493ebc9e7e26926d80dc92c14a6f0d4faa86e0b5a2d959fc9d05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 06:15:02 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
Last-Modified
Mon, 10 Aug 2020 18:04:27 GMT
Server
Cowboy
X-Amz-Cf-Pop
FRA2-C1
Age
6250296
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
X-Cache
Hit from cloudfront
Cache-Control
public, max-age=31536000
Connection
keep-alive
X-Amz-Cf-Id
kMslZyL191tr11DQv4P8sNZyQNyf3-nRYI5G9Wm-59Wo4KnWPc_CnA==
fontawesome-webfont-6d890ade6e9cb1a5ef15cd29df077ee5.woff2
d34oxwxegf4jrt.cloudfront.net/assets/ Frame 1DC7 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d34oxwxegf4jrt.cloudfront.net/assets/fontawesome-webfont-6d890ade6e9cb1a5ef15cd29df077ee5.woff2
Requested by
Host: d34oxwxegf4jrt.cloudfront.net
URL: https://d34oxwxegf4jrt.cloudfront.net/assets/widgets-2cb303c877c6aa772778dc9f2c7421bf.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-61.fra2.r.cloudfront.net
Software
Cowboy /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://d34oxwxegf4jrt.cloudfront.net/assets/widgets-2cb303c877c6aa772778dc9f2c7421bf.css
Origin
https://hirefrederick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 02:00:16 GMT
Content-Encoding
gzip
Via
1.1 vegur, 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Age
2550382
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 29 Jan 2018 01:32:00 GMT
Server
Cowboy
Access-Control-Max-Age
3628800
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Vary
Accept-Encoding
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
574ZH-CrT9uowYT4EaOJ8cSJj_lF2JsjC_VLbMBjk4Rlxk9UWuDlPQ==
button.php
hairbarnyc.ladesk.com/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/button.php?ChS=UTF-8&C=Widget&i=54332a99&p=__S__hairbarnyc.com%2F
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
74c43807cb8e7e9cf46be613e03d1efffbcabaa40b6b0fa454dab6ee5e0d16d5
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
7
age
211
content-length
1019
pragma
last-modified
Thu, 03 Nov 2022 14:23:08 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-varnish
552175317 551322917
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
expires
Mon, 26 Jul 1997 05:00:00 GMT
generateWidget.php
hairbarnyc.ladesk.com/scripts/ Frame 46BA 		54 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.33.6.18&t=1667482535&cwid=54332a99&cwrt=C&cwt=chat&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
ce9108f745b5ba69704d35bc03da4e94759353dbfb1c6693c3c70c715ae5d0ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
314
cache-control
max-age=31536000, public
content-encoding
gzip
content-length
11224
content-type
text/html; charset=utf-8
date
Thu, 03 Nov 2022 14:26:39 GMT
expires
Sun, 01 Jan 2023 08:00:00 GMT
last-modified
Tue, 01 Jan 2008 08:00:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-content-type-options
nosniff
x-srv
1
x-varnish
551193093 530917441
generateWidget.php
hairbarnyc.ladesk.com/scripts/ Frame 3AA3 		28 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.33.6.18&t=1667482535&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
e55f12279b533eb4460e1ca9f8f0846c9fa2c62f205637616818be4533d7ebb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
314
cache-control
max-age=31536000, public
content-encoding
gzip
content-length
6162
content-type
text/html; charset=utf-8
date
Thu, 03 Nov 2022 14:26:39 GMT
expires
Sun, 01 Jan 2023 08:00:00 GMT
last-modified
Tue, 01 Jan 2008 08:00:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-content-type-options
nosniff
x-srv
2
x-varnish
552501615 532062420
track_visit.php
hairbarnyc.ladesk.com/scripts/ 		267 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/track_visit.php?t=Y&C=Track&B=vuzpjiudrtl05mssdcfbnjcixlxm0&S=t6peb1bcrl7c98k29l86ysohk1rj7&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&url=__S__hairbarnyc.com%2F&ref=&sr=1600x1200&ud=%7B%7D&vn=Y&ci=&jstk=Y
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
2d63013f9f84b97c3f58f1b7f11a1e1c8f1c388fb626a5393f161c4309e2691a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
6
age
210
content-length
209
pragma
last-modified
Thu, 03 Nov 2022 14:23:09 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
x-varnish
543067946 532063301
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges
bytes
expires
Mon, 26 Jul 1997 05:00:00 GMT
chat.css
hairbarnyc.ladesk.com/themes/embedded_chat/ascent/ Frame 46BA 		129 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/themes/embedded_chat/ascent/chat.css?v=5.33.6.18
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.33.6.18&t=1667482535&cwid=54332a99&cwrt=C&cwt=chat&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
fb5d16e1e20efb235c8600ffe2d97e7a32b14d094df211d89f6d010cadc4fbb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
6
age
670
content-length
23932
last-modified
Tue, 18 Oct 2022 18:46:50 GMT
server
nginx
etag
"2031b-5eb5383d2da80"
vary
Accept-Encoding
content-type
text/css
x-varnish
543067949 542081678
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:15:29 GMT
bundle-5c3e2a4e8b463c094a2f.esm.js
hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 46BA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle-5c3e2a4e8b463c094a2f.esm.js
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.33.6.18&t=1667482535&cwid=54332a99&cwrt=C&cwt=chat&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
77a4c06a3ce2ac331868facdeec04d537b73ca4ce550b7ceb10a574bb88dc270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
4
age
745
content-length
1690
last-modified
Tue, 18 Oct 2022 18:46:40 GMT
server
nginx
etag
"e6e-5eb53833a4400"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
552175338 536581282
cache-control
max-age=21600
accept-ranges
bytes
expires
Thu, 03 Nov 2022 20:14:14 GMT
stringutils-b269facad31f62e06674.esm.js
hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 46BA 		221 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/stringutils-b269facad31f62e06674.esm.js
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.33.6.18&t=1667482535&cwid=54332a99&cwrt=C&cwt=chat&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
10ef3398c19da54a0d843d5ca879f3fa394641771116ae8f20c1b768ad4e38a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
7
age
745
content-length
75752
last-modified
Tue, 18 Oct 2022 18:46:40 GMT
server
nginx
etag
"37312-5eb53833a4400"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
550864260 545849764
cache-control
max-age=21600
accept-ranges
bytes
expires
Thu, 03 Nov 2022 20:14:14 GMT
contact.css
hairbarnyc.ladesk.com/themes/contact/ascent/ Frame 3AA3 		122 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/themes/contact/ascent/contact.css?v=5.33.6.18
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.33.6.18&t=1667482535&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
2da9576da5f393b7eb6a03b2daccb9d11bb6fb420e84b3de755187a2e719d2c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
7
age
234
content-length
38670
last-modified
Tue, 18 Oct 2022 18:46:52 GMT
server
nginx
etag
"1e9c7-5eb5383f15f00"
vary
Accept-Encoding
content-type
text/css
x-varnish
551618155 547916353
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:22:45 GMT
bundle-5c3e2a4e8b463c094a2f.esm.js
hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 3AA3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/bundle-5c3e2a4e8b463c094a2f.esm.js
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.33.6.18&t=1667482535&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
77a4c06a3ce2ac331868facdeec04d537b73ca4ce550b7ceb10a574bb88dc270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
4
age
745
content-length
1690
last-modified
Tue, 18 Oct 2022 18:46:40 GMT
server
nginx
etag
"e6e-5eb53833a4400"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
551618157 536581282
cache-control
max-age=21600
accept-ranges
bytes
expires
Thu, 03 Nov 2022 20:14:14 GMT
stringutils-b269facad31f62e06674.esm.js
hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/ Frame 3AA3 		221 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hairbarnyc.ladesk.com/scripts/static/webpack/liveagent-common-bundle/stringutils-b269facad31f62e06674.esm.js
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.33.6.18&t=1667482535&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
10ef3398c19da54a0d843d5ca879f3fa394641771116ae8f20c1b768ad4e38a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-srv
7
age
745
content-length
75752
last-modified
Tue, 18 Oct 2022 18:46:40 GMT
server
nginx
etag
"37312-5eb53833a4400"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
540810513 545849764
cache-control
max-age=21600
accept-ranges
bytes
expires
Thu, 03 Nov 2022 20:14:14 GMT
file.php
hairbarnyc.ladesk.com/scripts/ Frame 3AA3 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.ladesk.com/scripts/file.php?view=Y&file=gutc2usl24h13340ioseo5veifz5nunm
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/generateWidget.php?v=5.33.6.18&t=1667482535&cwid=54332a99&cwrt=C&cwt=onlineform&pt=Best%20Hair%20Salon%20in%20New%20York%20and%20Florida%20-%20HairBar%20NYC&ref=https%3A%2F%2Fhairbarnyc.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.6.119 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1105-119.members.linode.com
Software
nginx /
Resource Hash
6b09a83839192e3e4b4c27c4610cd63099e27f6d25079965409b109a17af476b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
via
1.1 varnish (2.lb-app.la.linode-us-tx)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-srv
1
age
519
vary
Accept-Encoding
content-type
image/png
x-varnish
547326792 541852780
cache-control
max-age=36000
content-disposition
filename="Logo 2019.png"
accept-ranges
bytes
content-length
11942
expires
Thu, 03 Nov 22 17:18:01 -0700
en.build.json
cdn.acsbapp.com/cache/app/ 		238 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/cache/app/en.build.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.185.239.229 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
ae73c20a7c405b54df9b4d7d9e18687e918b2b16d84e58d3904c8217b5a2d32d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
content-encoding
br
last-modified
Tue, 01 Nov 2022 18:07:03 GMT
etag
"3b8a8-63616047-955640a7b642251;br"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
25896
expires
Fri, 04 Nov 2022 14:26:39 GMT
bus.html
1-vbus-us-tx.ladesk.com/5_33_6_18/scripts/lib/ Frame 88EA 		315 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://1-vbus-us-tx.ladesk.com/5_33_6_18/scripts/lib/bus.html?v=5.33.6.18
Requested by
Host: hairbarnyc.ladesk.com
URL: https://hairbarnyc.ladesk.com/scripts/track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.14.190.90 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li105-90.members.linode.com
Software
nginx /
Resource Hash
5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3

Request headers

Referer
https://hairbarnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 03 Nov 2022 14:26:40 GMT
etag
W/"634ef492-13b"
last-modified
Tue, 18 Oct 2022 18:46:42 GMT
server
nginx
settings
cdn.segment.com/v1/projects/k2VrpID8FshBjeEVNf1mYaLiPxU3aQwf/ Frame 1DC7 		702 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/k2VrpID8FshBjeEVNf1mYaLiPxU3aQwf/settings
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-5-209.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6ec9ef99e7af060bd8be117b76faeab0de6a02541ef27d4d7aabe7b67688254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
tiBSw15sR0L12gc.WJ4BiOTTO8pQ.VAj
date
Thu, 03 Nov 2022 14:26:39 GMT
via
1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
148
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
702
last-modified
Thu, 15 Sep 2022 02:05:56 GMT
server
AmazonS3
etag
"db19dbb9829a3baa6cf27b4bab904a50"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
0b0pF3T7Q7LNJfBopQs35uG41TywMxzw1eRElVEhME8p25esX-6ikA==
nr-spa-1216.min.js
js-agent.newrelic.com/ Frame 1DC7 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
via
1.1 varnish
date
Thu, 03 Nov 2022 14:26:39 GMT
x-amz-request-id
K4XG3GDQA2JQPM3K
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
1LC1Y9A/3l8LsdN5GeBF9+boWWijA07iJq4dDWSvsYmL5sVXQn1zq7X0GIkkRl6U2xVnWdxfhW0=
x-served-by
cache-hhn4053-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1667485600.915875,VS0,VE0
etag
"63e2df852d15ab21d7ff8fc4363222e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3470
183ec609-d20c-40fd-6d6f-af75d69e15ca
data.pendo.io/data/ptm.gif/ Frame 1DC7 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/ptm.gif/183ec609-d20c-40fd-6d6f-af75d69e15ca?v=2.158.1_prod&ct=1667485599612&jzb=eJzlks2O2jAQgF-l8oFTIHFwSIyEKgTtai_tqs1u_1RZxh7AwsSp4_CzK959J7BFlar21lN9ssfjLzNf5tsTCccayJhsIUgSkYV3-wa8CGaLUToa5azIMs4znkZkZxoTnBdG4wNx9-bd_L0oRfGwKStX3Wj6GQFSKddW4ZxTtdZGpPUW09ch1M04jtfGw9KDBm_UZqDcNt4bvYIQe9gZ2L-2TslgXIWACdBCLgua9Fmmij7Lpe7zfJj3i1QlOZOa8QXv1VhtLVcwyXpWHl0bJkp61zZgewupNivcV3qyPK9eMMGCWMNBKGedn7DRdDbLek2Q_rcoNlN7Vzdk_PSz826LZNRzkTbFvo9b_Nirh5eEiFhZrVqsB6-hEvcfMfRnX6erMETjoZYeqjD9NaRl6FjJMKY0TpM0ReAOfIOOMJwOaFYMqMBKdUe7AEq5uL36D5cD-XpX8jD7smSPP_jb3WKOnKWXWzhfMs0O81I92g-3nzY3h_tuFI4BsPlsWJyi65hYJ_VfxyT7n8eks_PiJGUJHwyTblGe5EP0YhpxFk7GwbfwT34Wo6PT92fd_kNB
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:40 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
183ec609-d20c-40fd-6d6f-af75d69e15ca
data.pendo.io/data/guide.js/ Frame 1DC7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.pendo.io/data/guide.js/183ec609-d20c-40fd-6d6f-af75d69e15ca?id=5&jzb=eJx1kF9rKjEQxb9KycM-ue4fd7ursBSx5dKX20Kt9C2MybgGY7JkZ7VS_O6Ol4sUSvM0-eVwMud8iYPpDfnwrMVMyNenv48vcinr1W7pvPujsw8xEqCUHxxdJW6wdiSGYFm9Jer6WZJsTcBNQI3BqN1Y-X1yNLpFSgIeDB4frFdAxjtpdINZDZs6S-OiVHVcVKDjaTWp4jpXaVWALqbradRhkB202JSRhZMfqFEQ_NCjjdagdi3PTjebfyciQxblFj-l8taHprifLxZl1BOEH5Sz7JFAA4GY3aJfRzYPkk4dcq45Jz_t-b-71X_BSFhw7cAr8TM6-f7GyPza2PlWGVvzpYOAjubfEa9w9UonSZYleZrnbHjA0HNNjPNxVtbjTHbBa3E-XwCG2o0n&v=2.158.1_prod&ct=1667485599617
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
/
Resource Hash
d34dc430993c54f5aa724c7801f8c170e8417e6b2ef1b67cf753afbfaf0cdf96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
access-control-max-age
600
vary
Accept-Encoding
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
183ec609-d20c-40fd-6d6f-af75d69e15ca
data.pendo.io/data/guide.gif/ Frame 1DC7 		42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/guide.gif/183ec609-d20c-40fd-6d6f-af75d69e15ca?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1667485599619&v=2.158.1_prod
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
logomono.svg
web1.acsbapp.com/apps/app/dist/media/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web1.acsbapp.com/apps/app/dist/media/logomono.svg
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
eded00575f65de726a63f811022d119ed582721233e74343735cad53930c2a76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:39 GMT
content-encoding
br
last-modified
Mon, 26 Sep 2022 21:02:04 GMT
etag
"1034-6332134c-7705bf7dfc5e498d;br"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
1210
expires
Fri, 03 Nov 2023 14:26:39 GMT
p
api.segment.io/v1/ Frame 1DC7 		21 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.218.207.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-218-207-27.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://hirefrederick.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hirefrederick.com
date
Thu, 03 Nov 2022 14:26:40 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
169e250927
bam.nr-data.net/1/ Frame 1DC7 		49 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/169e250927?a=1732544290&v=1216.487a282&to=dFsMRkpZCFlTER0TC1NTB0YXRAFDXwZF&rst=2781&ck=1&ref=https://hirefrederick.com/widget/review&qt=7&ap=8&be=575&fe=2410&dc=1770&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1667485597165,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:23,%22c%22:23,%22s%22:131,%22ce%22:249,%22rq%22:254,%22rp%22:383,%22rpe%22:489,%22dl%22:524,%22di%22:1770,%22ds%22:1770,%22de%22:1792,%22dc%22:2410,%22l%22:2410,%22le%22:2412%7D,%22navigation%22:%7B%7D%7D&fp=1917&fcp=1917&jsonp=NREUM.setToken
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hirefrederick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:40 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
7645c9482d97699b-FRA
postmessage_bundle.js
1-vbus-us-tx.ladesk.com/5_33_6_18/static/webpack/js_bundle/ Frame 88EA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1-vbus-us-tx.ladesk.com/5_33_6_18/static/webpack/js_bundle/postmessage_bundle.js
Requested by
Host: 1-vbus-us-tx.ladesk.com
URL: https://1-vbus-us-tx.ladesk.com/5_33_6_18/scripts/lib/bus.html?v=5.33.6.18
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.14.190.90 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li105-90.members.linode.com
Software
nginx /
Resource Hash
faa8e9370329c0b337f2c2dbbac451c8a5444d45f742f9acec42465452a87eb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1-vbus-us-tx.ladesk.com/5_33_6_18/scripts/lib/bus.html?v=5.33.6.18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:40 GMT
last-modified
Tue, 18 Oct 2022 18:46:40 GMT
server
nginx
accept-ranges
bytes
etag
"634ef490-82a"
content-length
2090
content-type
application/javascript
pushstream_bundle.js
1-vbus-us-tx.ladesk.com/5_33_6_18/static/webpack/js_bundle/ Frame 88EA 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1-vbus-us-tx.ladesk.com/5_33_6_18/static/webpack/js_bundle/pushstream_bundle.js
Requested by
Host: 1-vbus-us-tx.ladesk.com
URL: https://1-vbus-us-tx.ladesk.com/5_33_6_18/scripts/lib/bus.html?v=5.33.6.18
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.14.190.90 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li105-90.members.linode.com
Software
nginx /
Resource Hash
ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1-vbus-us-tx.ladesk.com/5_33_6_18/scripts/lib/bus.html?v=5.33.6.18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:40 GMT
last-modified
Tue, 18 Oct 2022 18:46:40 GMT
server
nginx
accept-ranges
bytes
etag
"634ef490-50d0"
content-length
20688
content-type
application/javascript
bus_bundle.js
1-vbus-us-tx.ladesk.com/5_33_6_18/static/webpack/js_bundle/ Frame 88EA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1-vbus-us-tx.ladesk.com/5_33_6_18/static/webpack/js_bundle/bus_bundle.js
Requested by
Host: 1-vbus-us-tx.ladesk.com
URL: https://1-vbus-us-tx.ladesk.com/5_33_6_18/scripts/lib/bus.html?v=5.33.6.18
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.14.190.90 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li105-90.members.linode.com
Software
nginx /
Resource Hash
2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1-vbus-us-tx.ladesk.com/5_33_6_18/scripts/lib/bus.html?v=5.33.6.18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:40 GMT
last-modified
Tue, 18 Oct 2022 18:46:40 GMT
server
nginx
accept-ranges
bytes
etag
"634ef490-8ca"
content-length
2250
content-type
application/javascript
169e250927
bam.nr-data.net/events/1/ Frame 1DC7 		24 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/169e250927?a=1732544290&v=1216.487a282&to=dFsMRkpZCFlTER0TC1NTB0YXRAFDXwZF&rst=3226&ck=1&ref=https://hirefrederick.com/widget/review
Requested by
Host: hirefrederick.com
URL: https://hirefrederick.com/widget/review?location_id=e18af810-45c8-47ad-9737-82c074ad49b9&per_page=5&layout=carousel&background=ffffff&title_hex_color=46ACC5&star_hex_color=46ACC5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://hirefrederick.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 03 Nov 2022 14:26:40 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://hirefrederick.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7645c94a8abb699b-FRA
Content-Length
24
/
ipinfo.io/ 		318 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipinfo.io/
Requested by
Host: hairbarnyc.com
URL: https://hairbarnyc.com/catalog/view/javascript/facebook_business/cookieconsent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
ff0127b9955db6b0f4c2a2c3785edea8cfe19f2a114a7fb95b7400b75ab8ca71
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://hairbarnyc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 03 Nov 2022 14:26:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
via
1.1 google
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
favicon.ico
favicon.click/ 		0
0
v2
1-vbus-us-tx.ladesk.com/5_33_6_18/u97179_0b9d/vuzpjiudrtl05mssdcfbnjcixlxm0/event/lp/ Frame 88EA 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1-vbus-us-tx.ladesk.com/5_33_6_18/u97179_0b9d/vuzpjiudrtl05mssdcfbnjcixlxm0/event/lp/v2?channels=5be5ce608a_vb_t6peb1bcrl7c98k29l86ysohk1rj7&tag=0&time=Thu%2C%2003%20Nov%202022%2010%3A16%3A40%20GMT&eventid=&_=1667485600673
Requested by
Host: 1-vbus-us-tx.ladesk.com
URL: https://1-vbus-us-tx.ladesk.com/5_33_6_18/static/webpack/js_bundle/pushstream_bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.14.190.90 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li105-90.members.linode.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1-vbus-us-tx.ladesk.com/5_33_6_18/scripts/lib/bus.html?v=5.33.6.18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 14:26:40 GMT
last-modified
Thu, 03 Nov 2022 10:16:40 GMT
server
nginx
etag
W/0
content-type
application/octet-stream
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
Pay-with-Sezzle.jpg
hairbarnyc.com/image/catalog/2021/Banners/ 		258 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/catalog/2021/Banners/Pay-with-Sezzle.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bc2ca7df42c8bbd60e1af29d2895f9333614ec90f91db97446882cdf95fe6ec5
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 05:44:51 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"40972-5c9563bc9bac0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
264562
X-XSS-Protection
1; mode=block
Blowout%20Express%20Keratin-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Services%20Profiles/Blowout%20Express%20Keratin-300x300.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
498351efd313c7294dfcf1198cfe019e9215a35a59af9453e716644d08e4d098
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:10 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6101-5c95676241580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
24833
X-XSS-Protection
1; mode=block
Professional%20Hair%20Color%20Basic%20Kit%20-%201%20Tube-300x300.jpg
hairbarnyc.com/image/cache/catalog/2021/Home%20Kits%20Profiles/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/2021/Home%20Kits%20Profiles/Professional%20Hair%20Color%20Basic%20Kit%20-%201%20Tube-300x300.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f0be079c801e725cd6b842f842f9047670898fc083b7358a57dcf8f530848238
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6f7d-5c956763357c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
28541
X-XSS-Protection
1; mode=block
Ultimate%20Repair%20System%20Bundle%203-min-300x300.png
hairbarnyc.com/image/cache/catalog/keratin%20compressed/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hairbarnyc.com/image/cache/catalog/keratin%20compressed/Ultimate%20Repair%20System%20Bundle%203-min-300x300.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.155.45.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-45-56.us-west-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f2d908e27c7852b0e9d5877861de61d7f73f2ca9b5e0c41464553a83fb9b3ed1
Security Headers
Name Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hairbarnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 03 Nov 2022 14:26:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Last-Modified
Thu, 12 Aug 2021 06:01:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9e75-5c95676429a00"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
40565
X-XSS-Protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.weglot.com
URL
https://cdn.weglot.com/projects-settings/df0392f6336a9a6a7934a3e7a2f4a5176.json
Domain
favicon.click
URL
https://favicon.click/favicon.ico

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| hj object| _hjSettings function| $ function| jQuery object| twttr function| gtag object| dataLayer function| fbq function| _fbq number| isFacebookPixelInHeaderAdded number| isFacebookPixelAdded function| facebook_loadScript string| pixel_script_filename number| isFacebookCustomerChatInHeaderAdded number| isFacebookCustomerChatAdded function| getURLVar function| pav_calculateYoutubeHeight function| updateMiniBasket object| cart object| voucher object| wishlist function| openPopupCompare object| compare function| Swiper object| Weglot object| FRED object| button_n number| prod_id object| button_wish object| google_tag_manager object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_data string| GoogleAnalyticsObject function| ga object| FB number| PIN_19299 object| __twttrll object| __twttr object| GooglebQhCsO object| cookieconsent object| _facebookAdsExtension object| PIN_1667485597590 string| value object| key object| PinUtils object| __buffer object| gaplugins object| gaGlobal object| gaData function| _toConsumableArray function| _0x106c function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _typeof function| _0xb6d8 function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| AJS object| AccessiBe object| acsb object| acsbJS function| openPopUp string| GoogleAnalyticsObjects function| WDjI boolean| ll function| Checkout object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill string| left string| right string| cartname string| center function| QZDMI object| EJSEventListeners object| LiveAgentTrackerXD function| LiveAgent function| LiveAgentTracker function| init_button_54332a99 object| widgets number| widgetsLength function| EJSCustomEvent string| l1ll string| gt

20 Cookies

Domain/Path Name / Value
hairbarnyc.com/ Name: OCSESSID
Value: d1b27057848335fbea4aed4933
.hairbarnyc.com/ Name: language
Value: en-gb
.hairbarnyc.com/ Name: currency
Value: USD
.hairbarnyc.com/ Name: _gcl_au
Value: 1.1.1871172530.1667485597
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hairbarnyc.com/ Name: _fbp
Value: fb.1.1667485597656.161893185
.hairbarnyc.com/ Name: _ga
Value: GA1.2.727008054.1667485598
.hairbarnyc.com/ Name: _gid
Value: GA1.2.1966151350.1667485598
.hairbarnyc.com/ Name: _gat_gtag_UA_165298320_1
Value: 1
hairbarnyc.com/ Name: __session:0.6395867460449969:
Value: https:
hairbarnyc.com/ Name: LaVisitorNew
Value: Y
.hairbarnyc.com/ Name: LaVisitorId_aGFpcmJhcm55Yy5sYWRlc2suY29tLw
Value: vuzpjiudrtl05mssdcfbnjcixlxm0
hairbarnyc.com/ Name: LaSID
Value: t6peb1bcrl7c98k29l86ysohk1rj7
hirefrederick.com/ Name: _app_session
Value: MWtIcDJvQmEvMEdJVUhRNStlWUkrQXBJTWoxTlF1eHJYMnJQVWZ1dDhaYXh1UGdaWm1GT2dRWXpScC9IYVpZVHhzcEFJNno5VTZmb3pnd1JSUEg3ZXBmQkRoNnIrNHdGeVNKNWltdXJ2WitWWnlsK1NFd0lhRndpNUcvRVhreWktLUp4RjloVDkxR1J0UTlaU2o1ZGk1V1E9PQ%3D%3D--a16bfcb754cab085ba14203027eff9a9cd5f4133
.hairbarnyc.com/ Name: _hjSessionUser_2139383
Value: eyJpZCI6ImE4MWVjYjc0LWI2MWEtNTAwNS1hYzJjLWRkZTgxMWZjYzUwYyIsImNyZWF0ZWQiOjE2Njc0ODU1OTc1NzQsImV4aXN0aW5nIjpmYWxzZX0=
.hairbarnyc.com/ Name: _hjFirstSeen
Value: 1
hairbarnyc.com/ Name: _hjIncludedInSessionSample
Value: 0
.hairbarnyc.com/ Name: _hjSession_2139383
Value: eyJpZCI6ImUxNGQyODE4LTI0NjAtNDhlOC1iMzY3LWFiNjUzNDkwM2Y1NiIsImNyZWF0ZWQiOjE2Njc0ODU1OTkyMDcsImluU2FtcGxlIjpmYWxzZX0=
.hairbarnyc.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.nr-data.net/ Name: JSESSIONID
Value: 93ced20e6edc149a

2 Console Messages

Source Level URL
Text
javascript error URL: https://hairbarnyc.com/(Line 2935)
Message:
Access to fetch at 'https://cdn.weglot.com/projects-settings/df0392f6336a9a6a7934a3e7a2f4a5176.json' from origin 'https://hairbarnyc.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://cdn.weglot.com/projects-settings/df0392f6336a9a6a7934a3e7a2f4a5176.json
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * self blob: data: gap:; style-src * self 'unsafe-inline' blob: data: gap:; script-src * 'self' 'unsafe-eval' 'unsafe-inline' blob: data: gap:; object-src * 'self' blob: data: gap:; img-src * self 'unsafe-inline' blob: data: gap:; connect-src self * 'unsafe-inline' blob: data: gap:; frame-src * self blob: data: gap:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1-vbus-us-tx.ladesk.com
acsbapp.com
api.segment.io
assets.pinterest.com
bam.nr-data.net
cdn.acsbapp.com
cdn.pendo.io
cdn.segment.com
cdn.weglot.com
checkout-sdk.sezzle.com
connect.facebook.net
d1yw3duy3i4qiv.cloudfront.net
d34oxwxegf4jrt.cloudfront.net
data.pendo.io
favicon.click
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hairbarnyc.com
hairbarnyc.ladesk.com
hirefrederick.com
ipinfo.io
js-agent.newrelic.com
log.pinterest.com
platform.twitter.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
vars.hotjar.com
web1.acsbapp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
cdn.weglot.com
favicon.click
104.244.42.8
108.157.5.209
13.224.189.122
13.224.189.51
13.224.194.61
13.225.84.91
13.226.153.18
138.128.247.123
147.185.239.229
151.101.128.84
151.101.66.137
162.247.241.14
2600:9000:21c7:d200:18:f6c:8f00:93a1
2600:9000:21f3:2600:1f:aa31:7740:93a1
2600:9000:225e:2600:1:28b3:b280:93a1
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:800::2003
2a00:1450:4001:806::2008
2a00:1450:4001:808::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:400c:c00::9d
2a02:26f0:6c00:286::1931
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
34.107.204.85
34.117.59.81
35.155.45.56
45.79.6.119
54.157.58.70
54.218.207.27
72.14.190.90
01a4c62841de76e1e79aa4808c467b7cb2c1d79160e6cb1ca3a6406448b7ca91
093c8a07828c49147695500f8556d841e3cc58fe03757de3980b24e26476dce3
0a9e95feff42c3fd452d8c8f91413992db137b173c40d6118d287bc2efdc1d32
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f6bde3e83a3412a3eb6da89038d585712c8c0ff5b4e27791cd661ae3dce5f1d
10ef3398c19da54a0d843d5ca879f3fa394641771116ae8f20c1b768ad4e38a5
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
130054ee6b7b0e6def9d2cce971e2b8799ef3a80adc4623c9f72972ee9a2fe63
131d6fd2fb63edf5bbd5f48e392216f63faf8bb4f3b72b68b3efb62a3f01e0c0
160ce669c12174a31224a38d6a4a094978334adaa5a107402a49188b36718fe9
176f5496d9c88e6efdc9505cc5dfe760d4a1ed84f9cc5db28fc79bdb5eb2f8d0
1d2b3d10cce7f92a7ce4fe9f6f58f83e3b604868b49f12ded9f50551c0707bc8
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
211c52be0f8d03fda1e69119423164f14dabe610c081604bf9c2466582dd68d0
22e71b3903e3ea2b53d152b34a85790f0e6bc2b8dd6795c805909c1b69ae2583
2a507a51988dc4a5abb6e2401a4e65dbe115f16b2febcc56930f6cf6c1148123
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2aeed5bed03ad488a73cb5981ef93f29ca50f2842d808dd278f6cc4a0884167e
2b61328f5f20fc6d829bc90237d707378f6375afd9330bc552c44a7671e7094e
2c31f8bb314c9d47e89662daac66d55d23a2db294da120978e1d33438b992b73
2d63013f9f84b97c3f58f1b7f11a1e1c8f1c388fb626a5393f161c4309e2691a
2da9576da5f393b7eb6a03b2daccb9d11bb6fb420e84b3de755187a2e719d2c8
2df69b6b5eabdfc3a041b51249904b1f2355bd5a3635be0ff03750df349fab24
30183eaedf8efef2154a65ceafe52c7e306d14af662525353946dd4e21a30c2e
32e523129b43af27695373bc834829cdd3627e0c28e36d5d421562dafab51ec8
34115179b64f10cbd600e5035c6b5f892424590fcbae2806572b4fdb931f84b7
384a6e769e58cae6581adfe67be8a75cacc8e51072508a6d69de4e6835d68391
3a6683c20e1244386cfbad35727983e3ef30766220b455ab3e94da24740bef09
3a7e2ded944ad36714476dda89b3ef4e971aa0f4bdd28760bc1af24235868e4f
3b490c29c79aedad43f8048c0824084902c1272b640ce21783a15120404ee92d
3df9da830a80a6415ea0e3a3dc58573e2e87308ed029a9f32b96fa89afdcbd41
3ee12b59d96390203e8dd31103aac0bb408e569e2dff5d3a60dc156541de2cba
3f419012003369c70b253a0d6302e8075692c37e4b4b1cf9bae3595b5cada40a
3f71bd27a0417d982a74bd4159a9da32a47d2e92dbfbebb205cc6dec27dd12e6
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
46525cb298d262696150996f8731fe08bd6727c7e33f2dc8222ae40f1543dfe6
47ca3bff96c2752055b80f7a64c4af7a2249d90ee5402dd117f59b170e0d385d
47cf74023ea67e48cf5ae3105410a345d7a1731a36a4731ffb4c2fe24b5614e9
498351efd313c7294dfcf1198cfe019e9215a35a59af9453e716644d08e4d098
4a8c7b5701cec2f9e08c3fe9b65ea98a98eed6ed1ec16187e75ce173c932361d
4c19359ee09e71c2da70f46963267cebd584d9104fd6f52e644b94131faab079
4e4516bbc766483dd4d215e9e1349440b53cfc13c221e5133634525b6739157a
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
5529df7f4b430b90d0367198147b2dbde72cbfcbb24697d4a41caa040974015a
56f8acb7ab35edf60d098dd2c581f2ad43eee6ff47185b36219910dd3e6371ba
5a4164cdbb38651f2f2d28e25101780515ff8c1072ba99d0a5761500cf306ee3
5bf2859943db8c23d49f38e44084400723325b81efd52c0ef8d2f8a9faf05644
5e44dcae9822a7fe9a613eee73874bf064329a391e73336c02a1ab1da2e32a6d
66c1aff8564f0c727747c0a2f1ac6f5a215100fb599807bacecf6b23b1a6a975
68c888f05937e5f3aede47ce49ad5801c82797d3ad9b20dbe162c2504c3cef5c
6b09a83839192e3e4b4c27c4610cd63099e27f6d25079965409b109a17af476b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
716bfd95f947c1cb2dc2c76bd0ac3e9002e4c4632b5ad973ff8656a06eaa30dd
74c43807cb8e7e9cf46be613e03d1efffbcabaa40b6b0fa454dab6ee5e0d16d5
7528d63cb5065f0c35f595556c6ebbf65e1a6c3dfb2c050dff74b05181211237
77a4c06a3ce2ac331868facdeec04d537b73ca4ce550b7ceb10a574bb88dc270
77c844ea7001bc0ece47469556d63d4825b645d1c9b5fccf8bb1102806ed5b5f
7e1707adc4e5f5c053055b95d49f4a12f05271a9fb3645049c4296cf6f96a248
7ea3a4ded8a7123d33da95063c9cb5e1742daab1bcf5cf53ceb807b42f5da598
80ba68989d275f8cda9f6e5aa720ac2fd242a32803608011a9ce505e463fd915
8424eb8408ed269ed1acede0db0a6299379e684f1f1d6032dee5042c9a7f54a4
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d248d7b20f483d12aab6a2d7b0c4368905a335b0197264399364116a78575e2
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8d8ae806000576e3adc0019caa9aa321fe0eb8b6a02fdd7c093222789ae38429
961d799a71d19d461192d192014de83c3af5dc68414c78c4859544d856465559
987c59280847b3530eef6c1bc94beeea487adf7480a780576eddf822dd8c4fe9
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
9c2fed68ae0803083af72a51b15ba5127b055d24f9336ac18d18811a57dc74e5
9f534e7621a867ef10f56a094a9a68c0484508f66992f4bbd8dd5bf02d6a3225
a4e1eb362bebdf64d89c0ec02adc36a9fab4618cfa655962bdfafcf257034466
a5d800754ca9a9ece3b760b994c8335b336f1539771f2a4f3877ea250117bf26
ab1f85d6560124d8d3d99ab7fd875a5c2ff35da42f7d9c8c138e08dd198298f2
aba1b5b9023efc5fb5c9d5e5db51a68478893dc2b7da6bf88eb9ff873fefb3c2
abb76ff79e939c77dd6c97cb20dda414880f66048e1801ba4a556ba28f02352b
ac20cff7788fcc8e7b4481bb74af94cc8124f5fa8995241958b146999dba6e0a
ae73c20a7c405b54df9b4d7d9e18687e918b2b16d84e58d3904c8217b5a2d32d
b19bfb0602cf2db5514725e30830903f8df465bad4985a47a21ee13fc0f5b30b
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4f9eead135b83c8822c5851895141f0e549ad935fba7105c973e59e6b4cc6dc
b6ec9ef99e7af060bd8be117b76faeab0de6a02541ef27d4d7aabe7b67688254
bbb88a0ad5debf8c3f2e9a143c130ef998ee756a5ff51950953b103e1d264f86
bc2ca7df42c8bbd60e1af29d2895f9333614ec90f91db97446882cdf95fe6ec5
bce7ef9c5c06b89d48dca6a0cc52316497a679b2786d58dff3a2967f1729dec1
bd23cf2375e878249436f9dc1336b6a141a50f0d8609931151449cfccad46bc8
bfae9defd1fcb1f58b1d13a3cd51799652e4cad815abb3de79b232dc3ea97acc
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c909cf8834415ff0cb4ec417f124c2828ad5deed8a89078bf39098c4b0c020ba
cc95bab64363493ebc9e7e26926d80dc92c14a6f0d4faa86e0b5a2d959fc9d05
ce9108f745b5ba69704d35bc03da4e94759353dbfb1c6693c3c70c715ae5d0ff
cefeea6edc2bd77939df6d1d32689376d1ca0131c37a4e412a5bd4ec7c477d20
d34dc430993c54f5aa724c7801f8c170e8417e6b2ef1b67cf753afbfaf0cdf96
d45014fa88918c35f5c3401458f0a26c0f45fe6132fc31a227b186ebe55d5d84
d4bcac43603c7560bc9a6b8f76eba9b19b18528a893c6ebc9c6dbc28709e69b6
d506e94d6ec365ea49e9da425ca4d7b09966f98d47dadfe2c4ae5b2c119403f6
d8da024d3923a0f7aa5aef8691912aa4676336e027a1383e9afdf436b40240e3
d99b7a32f6e554dc724bed1972ca255aec53bcf1aca5d37c0b7f0f16db050e39
da8f72afa06bc5bca9d9becb114a886ab11ebd8205e03ffef9f23e4fdb070a1c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
daee2286a0787382ab04909bc40a686c252d806554a9a5cb565cd09d1674cb67
ddeab20d440fba6770815144dad4ee6a3832e42b4535b2c800d87fc269b21455
de00619b0eed3d0b0e9844c9e079fb79cb906956a4ac9f1af37c3498f2a7e384
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55f12279b533eb4460e1ca9f8f0846c9fa2c62f205637616818be4533d7ebb0
e69aef9334ea0725c792af277da69ffdce8f8549ec6132da4a31387522da9976
e7bd8851b07a73755dbbd07fe9def642394581ebab2171e38173dacbfc062aa0
e83cf1da68603354b64842c3e6be4987d05c3d297f8c87aa11af437542101749
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7
eaf5aea140f3e48516c27cd9c4a1b49b1cac780055ca2eaed084fcd75eb07e58
eded00575f65de726a63f811022d119ed582721233e74343735cad53930c2a76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0be079c801e725cd6b842f842f9047670898fc083b7358a57dcf8f530848238
f2d908e27c7852b0e9d5877861de61d7f73f2ca9b5e0c41464553a83fb9b3ed1
f635c8da789a719cca46fe518b01afda4c2ab8e4000fe8f933961bab4cdeba91
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fa532b6e5e769269fd76cfc299fb5586889579654cdff65906627dcaf11adfa3
faa8e9370329c0b337f2c2dbbac451c8a5444d45f742f9acec42465452a87eb3
fb5d16e1e20efb235c8600ffe2d97e7a32b14d094df211d89f6d010cadc4fbb1
fdabb92563f45ba0198dead28feede636b56dfe240bf7f6724304513f1e75c14
ff0127b9955db6b0f4c2a2c3785edea8cfe19f2a114a7fb95b7400b75ab8ca71